[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap 2.4.28 and "allow bind_v2"

> I have built and upgraded one of my openldap servers from 2.4.26 to 2.4.28
>  (on RHEL release
> 5.7 x86_64) and with the identical configuration to my other servers, I am
> seeing the following
> messages in the slapd.log file:
> slapd[4434]: conn=115331 fd=263 ACCEPT from IP=X.X.X.X:51856
> (IP=
> slapd[4434]: conn=115331 op=0 do_extended: protocol version (2) too low
> slapd[4434]: conn=115331 op=0 DISCONNECT tag=120 err=2 text=requires
> LDAPv3
> slapd[4434]: conn=115331 fd=263 closed (operations error)
> I'm not seeing anything leaping out at me from the change log for
> 2.4.27/2.4.28 that indicates
> what I have gotten wrong that worked until now.
> As I said, I am running the same slapd.conf file on my 2.4.26
> installations and not seeing
> these failures there at all (and since I use an F5 load balancer, these
> connections are sprayed
> all across my pool of servers).
> Where should I start looking?

"do_extended" means an extended operation is being requested with protocol
version set to LDAPv2, and LDAPv2 has no notion of extended operations. 
Can you track what operation is being requested?